Many targeted digital attacks rely on tricking users into executing malicious code. As users become increasingly aware that file extensions such as “.exe” might indicate a potential threat, attackers are resorting to more devious methods by which they attempt to manipulate users into executing malicious code. In some examples, an attacker may use various methods of hiding the “.exe” file extension from the end user. Such an attack may cause the malicious file to appear as though it were a harmless file type, such as an ADOBE PORTABLE DOCUMENT FORMAT (PDF) file type, especially when used in conjunction with other methods of attack.
Unfortunately, traditional methods of detecting malicious files may fail to identify certain methods of disguising malicious files. Moreover, most users have legitimate reasons for sending or opening executable files. Instituting a blanket prohibition on the transfer or use of such files may interfere with user communications or a user's ability to operate their computing device. Moreover, manual inspection of malicious files is both inefficient and prone to human error. The instant disclosure, therefore, identifies and addresses a need for additional and improved systems and methods for identifying malicious files.